Adam, malicious hacker, has just succeeded in stealing through a secure cookie XSS attack. He is able to play back the cookie even if the session is valid on the server. Which of the following is the most likely cause of this issue?
A.
Two-way encryption is used.
B.
Encryption is performed at the application level (one encryption key).
C.
Encryption does not apply.
D.
Scrambling is performed in the network (layer 1 encryption)
If no encryption is applied to the cookie, then the cookie can easily be intercepted and stolen via XSS attacks, allowing the attacker to replay the cookie as described. This is a common vulnerability in web applications where cookies are not encrypted or adequately secured.
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.312-38 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Tush_ace
4 weeks ago